Limited Use Users: Standard users that can access only three modules. They also inherit the Express Use grants.

Express Use User: Basic users that can run and view reports, view and approve records, and make updates to work orders that are assigned to them. Read-only access to all application is allowed. This option is available starting from Maximo 7.5.

Unlimited use users: Self Service Requestors, Desktop Requisitions and Health, Safety Environment Self Service Users entitlements are included with core license for unlimited users.

To support this categorization Maximo offers a 'User Type' field available in the Users application.

The set of allowed values is defined in the USERTYPE domain.

User Types Best Practice
I suggest to change the description of the first 4 domain values in agreement with the available user types. Alternatively you can create your own entries: AUTH, LIMITED, EXPRESS, UNLIMITED.

License compliance check

Now let's go to the technical side of the problem. The best way of auditing your Maximo environment's licenses is through SQL queries.
First of all you have to define a new database view.

DROP VIEW checkusers;
CREATE VIEW checkusers AS
SELECT maxuser.type, maxuser.userid, maxmenu.moduleapp, applicationauth.app
FROM applicationauth
INNER JOIN maxmenu ON applicationauth.app=maxmenu.keyvalue
INNER JOIN groupuser ON applicationauth.groupname=groupuser.groupname
INNER JOIN maxuser ON groupuser.userid=maxuser.userid
WHERE
maxuser.status='ACTIVE' AND
maxmenu.menutype='MODULE' AND
maxmenu.moduleapp NOT IN ('REPORTING','HIDDEN') AND
applicationauth.app NOT LIKE '%CONFIG' AND
applicationauth.app<>'KPI' AND
applicationauth.optionname='SAVE'
GROUP BY maxuser.type, maxuser.userid, maxmenu.moduleapp, applicationauth.app;

Note that we are focusing only at SAVE grant because read only is allowed on all applications.

Now take a look at how your users are distributed on the different groups.

SELECT type, COUNT(*)
FROM checkusers
GROUP by type
ORDER BY type;

If the select returns an empty resultset you probably have a translated value in the STATUS field so you have to adjust the view definition.

To go deeper in your analysis you have to check if the users allocated to the different user types have the right level of access. The following queries returns how many modules are granted to each user and what these modules are.

SELECT type, userid, COUNT(*)
FROM checkusers
GROUP by type, userid
ORDER BY type, userid;
SELECT type, userid, moduleapp
FROM checkusers
GROUP BY type, userid, moduleapp
ORDER BY type, userid, moduleapp;

These are the main tools for performing the license audit. Compare your results with licensing terms and conditions.

As far as I know, Limited users cannot have read access to more than 3 modules.Express users are allowed a read only access to all applications.It may be not so easy to check all those strange rules :-)

do you think it's possible to create a query that returns the user list and what modules/applications the user actually has accessed? In other words, not the access grant but the actual footprint of usage.

There is no such info in Maximo tables.If you enable the login tracking you can see the history of logins so you can know who is using Maximo.To track the used applications you should do some customizations to Maximo Java code. Maybe the AppBean class has some method that can be overridden.Mays is also possible with JPS customization.

wow ,this is very interesting and informative post.I like the infoemation about different types of commercial roofing system.I was looking around for blogs like this .Thanks for sharing this valuable post..

Hi, can you please clarify - If we have 100 Limited license can we allocate 40 of those to a set of users to access Module 1,Module 2, Module 3; 40 other users to access Module 3, Module 4 & Module 5 & the remaining 20 users to access Module 6, Module 7 of Maximo Enterprise Asset Management with Transportation Industry solution?

In my client, they assign 1 person to create asset and enter asset data. That's this person only job. Can you tell me, which is the right license, limited or express ? .. I am thinking is should be express, but in your writing above it should be limited

Express Use User: Basic users that can run and view reports, view and approve records, and make updates to work orders that are assigned to them. This option is available starting from Maximo 7.5

I am EAM consultant in Indonesia, i got a problem with user maximo. In IBM Policy, we know that maximo is named user. But, the system cannot protect for the policy. For example, one named user, can be logged in simultaneously. Can you help me to solve this problem?

Hi Bruno, I know this post is pretty old, but i was wondering what about custom applications having new custom tables and classes. Are they count ?In more specific case , what if I have a custom application that is more like "User Self Registration" , where the user is actually using MAXREG to view and submit some data. is this consider a violation of license?

Follow MaximoDev on

Follow by Email

Google+ Followers

Disclaimer

The postings on this site are my own and don't necessarily represent IBM's positions, strategies or opinions.
The materials on this site are provided "AS IS" and the author will not be liable for any direct, indirect or incidental damages arising out or relating to any use or distribution of them.